Today I want to share a program called "JEX Bot". Yes, it's the same bot as back then which was simply thrown together from other public scripts and then sold overpriced.
It is this time again touted as the ultimate shell program that supposedly uses private exploits and brings masses of shells.
This is of course absolute bullshit! It checks the default paths whether there is a shell or not (Every now and then it makes a post request like this: "{"user_login": "CVE_2021_21389", "user_email": "fuckyouscammer@jex.sucker", "user_name": "CVE_2021_21389", "password": "abc@1234567XXX"}").
It is brazen that the seller sells such a crappy program for 160$ and people just scam with it.
The domain on which everything runs with the licenses etc. is "jex.tools" (Updatecheck on https://jex.tools/update_jex". It would be a pity if his scam program would suddenly stop running when the site is offline.
In his Telegram chat (https://t.me/shelltools you can also write to this idiot directly at @jexsell) he writes something like this:
[+] 85 Private Exploit Upload Shell added to JEX New Version
[+]Wordpress
[+]Drupal
[+]Apache Exploits
[+]Joomla
[+]Magento
[+] opencart
[+]VB
[+] weblogic
[+] emlog
[+] gravCMS
[+] prestashop
[+] struts
[+] tomcat
[+] FineReport
[+] laravel
[+] admin
[+] ThinkPHP
[+] DedeCMS
[+] DotNetNuke
It is of course not true that he uses "private exploits". Can be clearly seen in the traffic.
The program was written in Python.
-1 Run add_hosts.bat, would ask for admin perms to allow it, if gives Access denied go manually edit C:\Windows\System32\drivers\etc\hosts file and add
127.0.0.1 jex.tools
127.0.0.1 www.jex.tools
-2 run Jex_crack.exe, open JEX BOT.exe
-3 using mastercho as username and password for JEX BOT.exe login then enter
-4 Done
It is this time again touted as the ultimate shell program that supposedly uses private exploits and brings masses of shells.
This is of course absolute bullshit! It checks the default paths whether there is a shell or not (Every now and then it makes a post request like this: "{"user_login": "CVE_2021_21389", "user_email": "fuckyouscammer@jex.sucker", "user_name": "CVE_2021_21389", "password": "abc@1234567XXX"}").
It is brazen that the seller sells such a crappy program for 160$ and people just scam with it.
The domain on which everything runs with the licenses etc. is "jex.tools" (Updatecheck on https://jex.tools/update_jex". It would be a pity if his scam program would suddenly stop running when the site is offline.
In his Telegram chat (https://t.me/shelltools you can also write to this idiot directly at @jexsell) he writes something like this:
[+] 85 Private Exploit Upload Shell added to JEX New Version
[+]Wordpress
[+]Drupal
[+]Apache Exploits
[+]Joomla
[+]Magento
[+] opencart
[+]VB
[+] weblogic
[+] emlog
[+] gravCMS
[+] prestashop
[+] struts
[+] tomcat
[+] FineReport
[+] laravel
[+] admin
[+] ThinkPHP
[+] DedeCMS
[+] DotNetNuke
It is of course not true that he uses "private exploits". Can be clearly seen in the traffic.
The program was written in Python.
-1 Run add_hosts.bat, would ask for admin perms to allow it, if gives Access denied go manually edit C:\Windows\System32\drivers\etc\hosts file and add
127.0.0.1 jex.tools
127.0.0.1 www.jex.tools
-2 run Jex_crack.exe, open JEX BOT.exe
-3 using mastercho as username and password for JEX BOT.exe login then enter
-4 Done
